A handling device of security data of a vehicle includes: an in-vehicle unit having a portable unit authenticating unit, an EEPROM, a ROM, and a controller; a vehicle having the in-vehicle unit, a door locking mechanism, and a communication unit; and a portable unit for locking or unlocking the door locking mechanism of the vehicle. In the above device, an encryption unit for encrypting the security data with a cipher key is interposed between the controller and the EEPROM, the security data is encrypted with the cipher key and stored into the EEPROM, according to the instruction from the controller based on the authentication result of the portable unit authenticating unit, and the cipher key is stored into the ROM.
|
1. A handling device of security data comprising:
an in-vehicle unit having a portable unit authenticating unit, a nonvolatile memory, a general controller, and a data encryption controller;
a vehicle having the in-vehicle unit, and a communication unit; and
a portable unit for giving a control instruction to the in-vehicle unit of the vehicle through communication with the communication unit, wherein a first cipher key is stored in the portable unit and the in-vehicle unit,
wherein the portable unit transmits a signal encrypted with the first cipher key indicating a id of the portable unit to the vehicle,
the communication unit receives the transmission signal,
the portable unit authenticating unit authenticates as to whether the signal is a transmission signal that is transmitted from a predetermined portable unit based on a comparison between the reception signal encrypted with the first cipher key and data indicating the id of the portable unit stored in the nonvolatile memory or not,
the general controller causes the in-vehicle unit to perform the control instructions if the portable unit authenticating unit judges that the signal is a transmission signal that is transmitted from a predetermined portable unit,
the data encryption controller for encrypting security data of the vehicle with a second cipher key is interposed between the general controller and the nonvolatile memory of the in-vehicle unit, and
the security data is encrypted by the data encryption controller with the second cipher key and stored into the nonvolatile memory according to an instruction from the general controller when the in-vehicle unit is set into a security data register mode.
6. A handling method of security data of a vehicle provided with an in-vehicle unit having a portable unit authenticating unit, a first nonvolatile memory, a general controller and a data encryption controller, a vehicle having the in-vehicle unit, a door locking mechanism, and a communication unit, and a portable unit for locking or unlocking a door locking mechanism of the vehicle through communication with the communication unit, wherein a first cipher key is stored in the portable unit and the in-vehicle unit, the method comprising:
transmitting, from the portable unit, instructions for locking/unlocking the door locking mechanism of the vehicle and a signal encrypted with the first cipher key indicating a id of the portable unit and
receiving the signal encrypted with the first cipher key by the communication unit provided in the vehicle;
the portable unit authenticating unit authenticating as to whether the signal is a transmission signal that is transmitted from a predetermined portable unit based on a comparison between data indicating the id of the portable unit stored in the nonvolatile memory and data indicating the id of the portable unit contained in the signal transmitted from the portable unit or not;
the central controller provided in the in-vehicle unit causing the door lock mechanism to be locked/unlocked if the portable unit authenticating unit judges that the signal is a transmission signal that is transmitted from a predetermined portable unit;
wherein the data encryption controller for encrypting the id of the portable unit with a second cipher key is interposed between the general controller and the nonvolatile memory of the in-vehicle unit, and
the id of the portable unit contained in the signal transmitted from the portable unit is encrypted by the data encryption controller with the second cipher key and stored into the nonvolatile memory according to an instruction from the general controller when the transmission signal is received from the portable unit after setting the in-vehicle unit into an id register mode.
2. The handling device of security data, according to
3. The handling device of security data, according to
4. The handling device of security data, according to
5. The handling device of security data according to
7. The handling method of security data according to
|
|||||||||||||||||||||||||
1. Field of the Invention
The present invention relates to a technique for handing security data such as an ID code and a cipher key in remote keyless entry (RKE), when automatically locking or unlocking the door of a vehicle according to communication with a portable unit.
2. Description of the Related Art
Hitherto, as the remote keyless entry (RKE) for locking or unlocking the door locking mechanism of a vehicle, there are known a manual RKE that is in one-way communication from a portable unit to an in-vehicle unit as well as a passive RKE that is in two-way communication between a portable unit and an in-vehicle unit. This passive RKE is to lock or unlock the door of a vehicle automatically and perform two-way communication between a portable unit a user carries and an in-vehicle unit set in the vehicles. As a result of the recognition of the portable unit ID and the in-vehicle ID, when the in-vehicle unit authenticates the portable unit, it performs the locking or unlocking operation on the door locking mechanism 5. Each of the portable unit and the in-vehicle unit has a unique ID (Identification Code) and cipher key (Key) in order to authenticate with each other, and at a communication time, they communicate with each other through a signal obtained by encrypting the data including the ID with the cipher key.
In description of the concrete function of the passive RKE, the in-vehicle unit 2 transmits a request signal at regular intervals. The request signal, including the in-vehicle ID, can be received at only a short distance. When the portable unit 20 is out of the reach of a request signal, it cannot receive the request signal. While, when a person carrying the portable unit approaches the vehicle, coming into the reach of a request signal, the portable unit receives the request signal, checks the in-vehicle ID included in the request signal, and sends a response signal to the vehicle after confirming that it has been issued from the correct in-vehicle unit.
The in-vehicle unit receives the response signal, takes out the portable unit ID included therein, and compares it with the portable unit ID registered in a memory. In the case of agreement, it issues an unlocking signal to the door locking mechanism 5, to unlock (release) the door, while in the case of disagreement, it does not issue any control signal to the locking mechanism. When a user carrying the portable unit gets off the vehicle and goes far away, the in-vehicle unit issues a locking signal to the door locking mechanism at the point when the portable unit is not in a position to receive a request signal, namely, at the point when the in-vehicle unit is not in a position to receive a response signal.
A request signal and a response signal are encrypted with the cipher key stored by the portable unit and the in-vehicle unit in common and issued, and a receiving party decodes the signal with the cipher key stored in the receiving party.
Since the security data such as the ID and the cipher key should be kept in a memory even if a battery is removed, it is stored in a nonvolatile memory such as an EEPROM or a ROM. The data stored into the EEPROM or the ROM indicates the information value in the form of the original data. Especially, in the in-vehicle unit, it is stored in the EEPROM not in the ROM, because of the peculiar situation of the portable unit ID. This peculiar situation is that the portable unit ID is not initially stored in the in-vehicle, but that the in-vehicle unit, receiving a response signal from some portable unit (one vehicle includes a plurality of portable units having various IDs), analyzes the signal, takes out the portable unit ID previously stored in the same portable unit, and stores it into the self nonvolatile memory of the in-vehicle unit.
Since a car dealer and a user can do this work at any time, it is not necessary to make a match (pairing) of a portable unit and an in-vehicle unit in a manufacturing facility advantageously. However, since the ID will be registered afterward as mentioned above, ROM cannot be used as the storing medium. Further, through a signal transmitted from one to the other in the in-vehicle unit and the portable unit, the cipher key will be also registered in the other afterward (although
In the above-mentioned conventional technique, while use of a ROM as a nonvolatile memory prevents others from decoding the stored contents of the ROM easily, it takes a lot of time and trouble to decode the information. On the contrary, generally, it is comparatively easy to analyze the stored contents of the EEPROM. Accordingly, when the data of the portable ID and the cipher key stored in the EEPROM is decoded by others and its rule is analyzed by others, the security of many cars having similar cipher keys may be compromised. Using conventional techniques, there has been a problem from the viewpoint of the security of a car because the security data such as the ID and the cipher key is stored in the EEPROM as it is with no change of value.
An object of the invention is to prevent others from decoding the security data, even if reading the data, by encrypting the security data to be stored in the EEPROM and/or the ROM that is a nonvolatile memory before storing the above.
In order to solve the above problem, the invention adopts the following structure.
A handling device of security data comprises: an in-vehicle unit having a portable unit authenticating unit, a nonvolatile memory, and a controller; a vehicle having the in-vehicle unit, an in-vehicle system, and a communication unit; and a portable unit for giving a control instruction to the in-vehicle system of the vehicle through communication with the communication unit, in which device an encryption unit for encrypting the security data of the vehicle with a cipher key is interposed between the controller and the nonvolatile memory of the in-vehicle unit, and the security data is encrypted with the cipher key and stored into the nonvolatile memory according to the instruction from the controller. Further, a handling method of security data of a vehicle provided with the in-vehicle unit having the portable unit authenticating unit, the nonvolatile memory, and the controller, the vehicle having the in-vehicle unit, a door locking mechanism, and the communication unit, and the portable unit for locking or unlocking the door locking mechanism of the vehicle through communication with the communication unit, comprises a step of encrypting the security data with a cipher key in an encryption unit provided between the controller and the nonvolatile memory of the in-vehicle unit, and a step of storing the encrypted signal into the nonvolatile memory and storing the cipher key into another nonvolatile memory than the above nonvolatile memory. According to the handling device or method of the security data, since the security data is stored in the nonvolatile memory in the form of the signal encrypted with the cipher key, there is no fear that the security data of the vehicle may be decoded by others.
In the handling device of security data, the cipher key is stored in another nonvolatile memory than the nonvolatile memory storing the encrypted signal of the security data. In the handling device of security data, the security data includes a portable unit ID, the nonvolatile memory is an EEPROM, and the other nonvolatile memory is a ROM. According to the above structure, since the cipher key is kept in the nonvolatile memory such as the ROM whose data is difficult to decode, in handing the security data such as the portable unit ID, there is no fear that the cipher key may be read out by others.
A device and a method of handling the security data according to an embodiment of the invention will be described with reference to
In the drawings, the reference numeral 1 designates a vehicle, 2 designates an in-vehicle unit, 3 designates a portable unit receiving/transmitting antenna, 4 designates a door open/close detector, 5 designates a door locking mechanism (in-vehicle system), 6 designates a portable unit authenticating unit, 7 designates a general controller, 8 designates a ROM, 9 designates an EEPROM (Electrically Erasable Programmable Read-Only Memory), 10 designates a data encryption controller, 20 designates a portable unit, 21 designates an antenna of portable unit, and 22 designates an EEPROM within the portable unit.
In
More specifically, the in-vehicle unit 2 transmits a request signal including the in-vehicle unit ID to the portable unit 20 through the antenna 3 at regular intervals, while the portable unit 20 transmits a response signal including the portable unit ID to the in-vehicle unit 2 through the antenna 21, in a manner of the two-way communication. The portable unit authenticating unit 6 of the in-vehicle unit 2 compares the portable unit ID included in the response signal from the portable unit 20 with the portable unit ID previously stored in the EEPROM 9. In the case of agreement, the general controller 7 releases the door lock by issuing an unlocking signal to the door locking mechanism 5, while in the case of disagreement, the general controller 7 never issues the unlocking signal to the door locking mechanism 5 and never releases the door lock.
The request signal from the in-vehicle unit 2 and the response signal from the portable unit 20 are encrypted with a first cipher key stored in both the portable unit and the in-vehicle unit and issued, and in a receiving party, the request signal or the response signal is decoded with the first cipher key stored in the receiving party.
In use of the remote keyless entry (RKE), the portable unit ID included in a response signal is newly registered in the in-vehicle unit by setting the in-vehicle unit at the ID register mode to analyze a response signal issued by the portable unit 20, take out the corresponding portable unit ID, and store it in the EEPROM 9. In short, a prescribed portable unit ID is not previously stored in the in-vehicle unit 2, but the portable ID of a portable unit is learned and stored. Thus, a portable unit ID is stored before use of the RKE, rather then simultaneously with completion of the manufacture of an in-vehicle unit. Therefore, the portable unit ID is stored in a nonvolatile memory, not in a ROM but in an EEPROM.
The EEPROM 9 of the vehicle 1 in
The ID (portable unit ID and in-vehicle unit ID) stored in the EEPROM 9 is a signal encrypted with a second cipher key by the data encryption controller 10. If ID is stored in the EEPROM directly in the form of its original signal as done the conventional technique, the ID may be decoded by others because of the structure of the EEPROM, which is a serious problem from the viewpoint of security of the vehicle. According to the invention, since ID is encrypted with the second cipher key and stored in the EEPROM 9, the ID cannot be decoded even if the data is read out by others. Together with the first cipher key for a request signal and a response signal, the second cipher key is also stored in the ROM 8 whose data is difficult to decode.
As mentioned above, according to the invention, data (for example, a request signal and a response signal) used for the communication between an in-vehicle unit and a portable unit is encrypted with the first cipher key and the security data (for example, ID) to be stored in the EEPROM, not in the ROM is encrypted with the second cipher key, hence to prevent others from decoding the data. Here, the first cipher key and the second cipher key are both stored into the ROM whose data is difficult to decode.
Although the above description has been made, by way of example, in the case of storing the portable unit ID into the EEPROM 9 of the in-vehicle unit, the in-vehicle unit ID is also stored in the EEPROM 9, in addition to the portable unit ID, and this in-vehicle unit ID is also encrypted with the second cipher key. Further, the portable unit 20 may be provided with the EEPROM 22 and some controller not illustrated and the in-vehicle unit ID and the corresponding portable unit ID may be encrypted and stored in this nonvolatile memory.
Although the above description has been made, by way of example, by using the passive RKE for issuing a request signal at regular intervals, a trigger switch may be provided in a door handle, and the operation of the trigger switch may cause the transmission of a request signal. Further, although the description has been made, by way of example, in the case where the in-vehicle system is the door locking mechanism, the in-vehicle system is not restricted to this, but it may be some other device such as an engine starter. In the case of the engine starter, the trigger switch may be built in the ignition cylinder for inserting a mechanical key or it may be built as an individual switch.
According to the invention, since the security data is stored in the form of a signal encrypted with a cipher key, when storing it into a nonvolatile memory, there is no fear that the security data of a vehicle may be decoded by others.
Since the cipher key is stored in a nonvolatile memory such as a ROM whose data is difficult to decode, there is no fear that the cipher key may be read by others.
Further, also in the communication through a request signal and a response signal in the remote keyless entry, the security is assured by encrypting through two-way communication with the other cipher key, and since the other cipher key is stored in a nonvolatile memory such as a ROM whose data is difficult to decode, there is no fear that the other cipher key may be decoded by others.
| Patent | Priority | Assignee | Title |
| 7813729, | Sep 08 2006 | The Boeing Company | System and method for associating a wireless mobile communications device with a specific vehicle |
| 7957735, | Sep 08 2006 | The Boeing Company | System and method for associating a wireless mobile communications device with a specific vehicle |
| 8373541, | Sep 16 2008 | Lear Corporation | Vehicle remote control system |
| 8442719, | Dec 22 2011 | MORGAN STANLEY SENIOR FUNDING, INC | Field superposition apparatus, system and method therefor |
| 8570144, | Mar 11 2011 | MORGAN STANLEY SENIOR FUNDING, INC | Field superposition system and method therefor |
| 8884740, | Apr 27 2011 | Audi AG | Method for actuating a function of a vehicle from a large distance |
| 9048681, | Feb 22 2012 | MORGAN STANLEY SENIOR FUNDING, INC | Wireless power and data apparatus, system and method |
| Patent | Priority | Assignee | Title |
| 5392356, | Jan 21 1993 | Fujitsu Limited | Mobile telephone terminal and method of preventing unlawful use thereof |
| 5610574, | Feb 17 1995 | Honda Giken Kogyo Kabushiki Kaisha | Data processing apparatus for vehicle |
| 5679984, | Feb 17 1994 | Bayerische Motoren Werke AG | Vehicle security system |
| 5774550, | Apr 01 1994 | Daimler AG | Vehicle security device with electronic use authorization coding |
| 5787367, | Jul 03 1996 | FCA US LLC | Flash reprogramming security for vehicle computer |
| 6043752, | Dec 25 1996 | Mitsubishi Denki Kabushiki Kaisha | Integrated remote keyless entry and ignition disabling system for vehicles, using updated and interdependent cryptographic codes for security |
| 6384711, | Nov 05 1997 | MEDECO SECRURITY LOCKS, INC | Electronic lock in cylinder of standard lock |
| EP663650, | |||
| EP903271, | |||
| EP1098472, | |||
| WO9517739, |
| Executed on | Assignor | Assignee | Conveyance | Frame | Reel | Doc |
| Sep 30 2003 | SUGAWARA, TAKEHITO | ALPS ELECTRIC CO , LTD | ASSIGNMENT OF ASSIGNORS INTEREST SEE DOCUMENT FOR DETAILS | 014619 | /0375 | |
| Oct 16 2003 | Alps Electric Co., Ltd | (assignment on the face of the patent) | / | |||
| Jan 01 2019 | ALPS ELECTRIC CO , LTD | ALPS ALPINE CO , LTD | CHANGE OF NAME SEE DOCUMENT FOR DETAILS | 048208 | /0802 |
| Date | Maintenance Fee Events |
| Feb 24 2012 | M1551: Payment of Maintenance Fee, 4th Year, Large Entity. |
| Feb 23 2016 | M1552: Payment of Maintenance Fee, 8th Year, Large Entity. |
| Mar 08 2017 | ASPN: Payor Number Assigned. |
| Mar 09 2020 | M1553: Payment of Maintenance Fee, 12th Year, Large Entity. |
| Date | Maintenance Schedule |
| Sep 16 2011 | 4 years fee payment window open |
| Mar 16 2012 | 6 months grace period start (w surcharge) |
| Sep 16 2012 | patent expiry (for year 4) |
| Sep 16 2014 | 2 years to revive unintentionally abandoned end. (for year 4) |
| Sep 16 2015 | 8 years fee payment window open |
| Mar 16 2016 | 6 months grace period start (w surcharge) |
| Sep 16 2016 | patent expiry (for year 8) |
| Sep 16 2018 | 2 years to revive unintentionally abandoned end. (for year 8) |
| Sep 16 2019 | 12 years fee payment window open |
| Mar 16 2020 | 6 months grace period start (w surcharge) |
| Sep 16 2020 | patent expiry (for year 12) |
| Sep 16 2022 | 2 years to revive unintentionally abandoned end. (for year 12) |